The present invention relates to secure web content services and, more particularly, to providing secure web content services to embedded devices.
Secure web content services require a user to authenticate to the service by presenting some form of access credential before granting access to the user. To obviate the need for a user to input a credential every time the user wishes to access the service, a security token representing the credential is often created and cached. For example, the first time a user accesses a service, the user may input a credential (e.g., username and password) by hand on a user interface of a web client device. The credential is sent to the service provider (SP) server that offers the service. The SP server generates a security token representing the credential (often in compacted form), puts the security token in a cookie and sends the cookie to the web client device. The web client device caches the cookie. The next time the user accesses the service, the web client device retrieves the cookie from the cache and sends the cookie to the SP server, relieving the user of the burden to input the credential by hand a second time.
Sometimes security tokens are erased from memory on a web client device. For example, on a personal computer, resetting the web browser or erasing the web browser history can cause a security token to be erased. On an embedded device, a software update can cause a security token to be erased. Moreover, due to severe memory constraints, many embedded devices have a limit on the number of cookies that can be simultaneously stored. If this limit is exceeded, the older cookies are discarded to make space for newer cookies, which can cause a security token to be erased.
The loss of a security token can be fairly easy to recover from when the web client device is a personal computer. The user can often simply re-input the credential on the web client device's qwerty keyboard and a new security token can be generated from the credential.
However, the loss of a security token can be much more difficult to recover from when the web client device is an embedded device. Many embedded devices receive user input on a keypad or an attached television. Thus, the user may have to make a multi-tap input on a keypad or navigate across a virtual on-screen keyboard using directional arrows to re-input each character of the credential. This consumes the user's valuable time and can be stressful as the user has to not only remember the credential but input it via a suboptimal interface.